Huawei switch basic configuration (telnet/ssh login)

One 、 Huawei S5700 Switch initialization and configuration SSH and TELNET Remote login method ：
Configure login IP Address ：
system-view // Enter system configuration mode
[Quidway]interface Vlanif 1 // Enter the third floor vlanif Interface
[Quidway-Vlanif1]ip address 192.168.0.1 255.255.255.0 // Configuration Management IP Address

establish web Log in to the management account ：
[Quidway]http server enable // Open... In the system view http service
[Quidway]http secure-server enable // Open... In the system view http Security service namely https
[Quidway]aaa // Enter under system view aaa Pattern
[Quidway-aaa]local-user admin privilege level 15 /// To configure http Login permissions
[Quidway-aaa]local-user admin service-type http /// Turn on http Login service
[Quidway-aaa]quit /// sign out aaa Pattern

If telnet Can log in , but console If you can't log in , You have in aaa Give permission to the account to be logged in
[Quidway-aaa]local-user admin service-type terminal ssh telnet ftp

establish vlan：
system-view　　　　　　　　 /// Enter system configuration mode
[Quidway]vlan 10　　　　　　　　　　　 /// establish vlan 10
[Quidway-vlan10]quit　　　　　　　　　　/// Exit system configuration mode
[Quidway]interface Vlanif 10　　　　　　/// Enter the configuration vlan 10 The pattern of
[Quidway-Vlanif10]ip address 192.168.0.1 255.255.255.0
/// by vlan 10 To configure IP Address and mask
[Quidway-vlan10]quit　　　　　　　　　/// Exit system configuration mode

[Quidway-GigabitEthernet0/0/2]　　　　 /// Access port 2
[Quidway-GigabitEthernet0/0/2]port link-type access　　
/// Set the port type to access
[Quidway-GigabitEthernet0/0/2]port default vlan 10　　
/// take port Join our created vlan 10
[Quidway-GigabitEthernet0/0/2]display vlan 　　/// View configured vlan Information
[Quidway]q　　　　　　　　　　 /// Exit the system settings view

Batch creation vlan：
system-view　　　　　　　　　　 /// Enter system configuration mode
[Quidway]vlan batch 2 to 19　　　　　　　　　 /// Batch creation vlan 2-19 , The system will have a default vlan 1
[Quidway]display vlan　　　　　　　　　　　 /// see vlan Information
[Quidway]q　　　　　　　　　　　　　　 /// Exit the system settings view

Batch deletion vlan：
system-view　　　　　　　　 /// Enter system configuration mode
[Quidway]undo vlan batch 2 to 19　　　　 /// Batch deletion vlan 2-19 , The system will have a default vlan 1
[Quidway]display vlan　　　　　　　　　/// see vlan Information
[Quidway]q　　　　　　　　　　　　　/// Exit the system settings view

Add ports in batch to vlan 10：
system-view　　　　　　　　 /// Enter system configuration mode
[Quidway]interface range GigabitEthernet 0/0/1 to GigabitEthernet 0/0/6 /// take 1 Speak to 6 Add mouth to port-group, Here the system defaults to 1 Speak to 6 Add mouth to 1 In a group .
[Quidway-port-group]port link-type access　　　/// take port-group All ports in the group are changed to access mouth
[Quidway-port-group]port default vlan 10　　　 /// take port-group All ports in the group are added to vlan 10
[Quidway]q　　　　　　　　　　　　　 /// Exit the system settings view
Or create a port group first , Add to vlan in
system-view　　　　　　　　　 /// Enter system configuration mode
[Quidway]port-group 1　　　　　　　　　　/// Create a port group , Group name is 1
[Quidway-port-group-1]group-member GigabitEthernet 0/0/7 to GigabitEthernet 0/0/17　 /// Put the port 7 To 17 Add to Port Group 1 in
[Quidway-port-group-1]port link-type access　/// take port-group-1 All ports in the group are changed to access mouth
[Quidway-port-group-1]port default vlan 20　 /// take port-group-1 All ports in the group are added to vlan 20
[Quidway-port-group-1]display vlan 　　　　/// View configured vlan Information
[Quidway-port-group-1]q　　　　　　　/// Exit the port group 1 Configuration mode
[Quidway]q　　　　　　　　　　　　　 /// Exit the system settings view

Delete vlan---- You need to delete vlanif Information — Delete again vlan：
system-view　　　　　　　　　/// Enter system configuration mode
[Quidway]undo interface Vlanif 10　　　　　/// Delete vlanif 10
[Quidway]display vlan 　　　　　　　　　/// see vlan To configure
[Quidway]display current-configuration /// Find out vlan The configuration is still ,vlanif The configuration is no longer
[Quidway]undo vlan 10　　　　　　　　　　　 /// Delete vlan 10
[Quidway]display vlan 　　　 /// see vlan To configure , Find out vlan 10 No longer
[Quidway]display current-configuration /// Find out vlan The configuration is not ,vlanif Configuration is not , however port Information and , Delete separately port Information is too slow

Batch deletion port Information ：
For the above, we have put vlanif Information deletion ,vlan Delete , however display current-configuration Find out
Previously created port The information is still there , Deleting one by one is too slow , Here we also create groups to delete
system-view　　　　　　　　　　 /// Enter system configuration mode
[Quidway]port-group 2　　　　　　　　　　　 /// establish port Group 2
[Quidway-port-group-2]group-member GigabitEthernet 0/0/1 to GigabitEthernet 0/0/6 /// take 1 Speak to 6 Add the mouth to port Group 2 in
[Quidway-port-group-2]undo port default vlan /// take port Group 2 Port inside vlan Delete all configurations
[Quidway-port-group-2]undo port link-type /// take port Group 2 All port types in the are restored to the default
[Quidway-port-group-2]display current-configuration /// View port information
[Quidway-port-group-2]q　　　　　/// Exit the port group 1 Configuration mode
[Quidway]q　　　　　　　　　　　　 /// Exit the system settings view

Huawei S5700 Switch initialization and configuration TELNET Remote login method ：
1, Switch on Telnet service
system-view # Enter the system view
[Huawei]telnet server ？ # View yes enable still disable Options , Select the corresponding opening method .
[Huawei]telnet server enable #enable Option on Telnet service （ This is generally used for ordinary series ）
[Huawei]undo telnet server disable #disable Option on Telnet service （CE This is generally used for high-end series ）
2, To configure VTY Maximum number of user interfaces （ The maximum number of simultaneous logins ）
[Huawei]user-interface maximum-vty 15 # The default is 5, This can not be set
3, To configure VTY Terminal properties of user interface
[Huawei]user-interface vty 0 14 # It's on it 15 All this is 0 14 If you choose the default here is 0 4
[Huawei-ui-vty0-14]protocol inbound telnet # To configure vty Support telnet agreement
4, To configure VTY User authentication method of user interface
[Huawei-ui-vty0-14]authentication-mode aaa # Configure the authentication mode of the user terminal as aaa Certification for aaa authentication
[Huawei-ui-vty0-14]quit # sign out vty Configuration interface
5, Configure login authentication method
[Huawei]aaa # Get into aaa Configuration mode
[Huawei-aaa]local-user admin1234 password ? # Check the password options you can choose
[Huawei-aaa]local-user admin1234 password simple Huawei12#$ # Password options simple account number admin1234 password Huawei12#$ ( This is generally used for ordinary series )
[Huawei-aaa]local-user admin1234 password irreversible-cipher Huawei12#$ # Password options irreversible-cipher account number admin1234 password Huawei12#$ (CE This is generally used for high-end series )
[Huawei-aaa]local-user admin1234 service-type telnet # Configure the access service type , If you need more SSH Please add
[Huawei-aaa]local-user admin1234 privilege level 3 # Configure the level of the account , Default 3 Level is the authority of super administrator
[Huawei-aaa]quit # sign out
telnet 127.0.0.1 # test telnet Configure whether OK
save # Save configuration

Configure through serial port cable S5700 Management of IP Address , The serial port cable is connected to the switch console mouth ,ip After setting, the network cable is connected to ETH mouth ：
system-view
[Quidway] interface MEth 0/0/1
[Quidway] interface MEth 0/0/1
[Quidway-MEth0/0/1]ip address x.x.x.x 255.255.255.0 /// Set up MEth Management port ip Address
[Quidway-MEth0/0/1]quit
[Quidway]ip route-static 0.0.0.0 0.0.0.0 x.x.x.x（gateway）
[Quidway-MEth0/0/1]display ip interface MEth 0/0/1
/// see MEth Configuration information of management port
If the switch does not ETH mouth , And configuration is required VLANIF：
system-view
[Quidway] interface vlanif3000
[Quidway–Vlanif3000]ip address x.x.x.x 255.255.255.0
[Quidway–Vlanif3000]quit
[Quidway]ip route-static 0.0.0.0 0.0.0.0 x.x.x.x（gateway）
[Quidway]

Add users , Set up ssh telent Remote login
system-view /// Enter system configuration mode
[Quidway]aaa /// Get into AAA Pattern
[Quidway-aaa]local-user chy password cipher qaz123456
/// Set the local user name and password cipher encryption
[Quidway-aaa]local-user chy service-type ssh telnet terminal
/// Set user settings login ssh telnet terminal service
[Quidway-aaa]display ssh server status　　　　　　　　　　　　　
/// see ssh Whether the service is effective
[Quidway-aaa]display telnet server status　　　　　　　　　　
/// see telnet Whether the service is effective
[Quidway-aaa]local-user chy privilege level 15
/// Set user level
[Quidway-aaa]q /// sign out AAA Pattern
Set up vty 0 4 Virtual port for remote login
VTY It is the virtual port of the router for remote login ,0 4 Can be opened at the same time 5 One session ,line vty 0 4 Is to enter VTY port , Yes VTY Port configuration , For example, configure password , perhaps ACL.
[Quidway]user-interface vty 0 4 /// Get into vty 0 4 Remote virtual port
[Quidway-ui-vty0-4]authentication-mode aaa /// Configure the virtual user terminal AAA Authentication mode
[Quidway-ui-vty0-4]user privilege level 15 /// Configure the user level for the virtual user terminal
[Quidway-ui-vty0-4]protocol inbound all /// Configure the protocol used for the virtual user terminal ,all That is, both support
[Quidway-ui-vty0-4]protocol inbound telnet /// Configure the virtual user terminal telnet agreement , You can use telnet Remote login
[Quidway-ui-vty0-4]protocol inbound ssh /// Configure the virtual user terminal ssh agreement , That is, users can use ssh Remote login
[Quidway]ssh user chy authentication-type password /// by chy User Settings ssh Certification for password, This command is useful for setting single user settings
[Quidway]ssh authentication-type default password /// Set up ssh The default authentication method is password authentication , It is very practical for setting up multiple users
[Quidway]ssh user chy service-type stelnet /// by chy User Settings ssh The type of authentication service is stelnet
[Quidway]display ssh user-information chy /// see ssh service chy User's configuration information
[Quidway]q　　　　　　　　　　　　　　　　/// Exit the system settings view
save　　　　　　　　　　　　　　/// Save settings

Two 、 Set up telnet Sign in S5700(eg. Set the username admin password 112233)：
system-view
[Quidway] user-interface vty 0 4
[Quidway-ui-vty0-4] authentication-mode aaa
[Quidway-ui-vty0-4]protocal inbound all
[Quidway-ui-vty0-4] user privilege level 15
[Quidway-ui-vty0-4]quit
[Quidway]telnet server enable
[Quidway] aaa
[Quidway-aaa] local-user admin password cipher 112233
[Quidway-aaa] local-user admin service-type telnet
[Quidway-aaa] local-user admin privilege level 15
[Quidway-aaa] quit

3、 ... and 、 Set up SSH Sign in 5700（eg. Set the username admin password 112233）:
[Quidway]rsa local-key-pair create
The key name will be: Quidway_Host
% RSA keys defined for Quidway_Host already exist.
Confirm to replace them? [y/n]:y
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
it will take a few minutes.
Input the bits in the modulus[default = 512]:
Generating keys…
…++++++++++++
…++++++++++++
…++++++++
…++++++++
[Quidway] aaa
[Quidway-aaa] local-user admin password simple 112233
[Quidway-aaa] local-user admin service-type ssh
[Quidway-aaa] local-user admin privilege level 15
[Quidway-aaa] quit
[Quidway] stelnet server enable
Info: Succeeded in starting the Stelnet server.
[Quidway] ssh authentication-type default password
[Quidway]quit
save all